BGP EVPN FRR AND ASR1001-X: различия между версиями
Sirmax (обсуждение | вклад) |
Sirmax (обсуждение | вклад) |
||
| Строка 232: | Строка 232: | ||
</PRE> |
</PRE> |
||
}} |
}} |
||
| − | <PRE> |
||
| − | hostname asr-tf |
||
| − | </PRE> |
||
| − | <PRE> |
||
| − | boot-start-marker |
||
| − | boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin |
||
| − | boot-end-marker |
||
| − | </PRE> |
||
| − | |||
| − | <PRE> |
||
| − | aaa new-model |
||
| − | aaa authentication login LOCAL-AUTH local-case |
||
| − | aaa authorization console |
||
| − | aaa authorization exec LOCAL-AUTHORIZATION local |
||
| − | </PRE> |
||
| − | <PRE> |
||
| − | ip name-server 192.168.32.1 |
||
| − | ip domain name lab |
||
| − | </PRE> |
||
| − | <PRE> |
||
| − | license boot level adventerprise |
||
| − | </PRE> |
||
| − | <PRE> |
||
| − | redundancy |
||
| − | mode none |
||
| − | </PRE> |
||
| − | ! |
||
| − | interface GigabitEthernet0/1/4 |
||
| − | no ip address |
||
| − | shutdown |
||
| − | negotiation auto |
||
| − | ! |
||
| − | interface GigabitEthernet0 |
||
| − | vrf forwarding Mgmt-intf |
||
| − | ip address dhcp |
||
| − | negotiation auto |
||
| − | ! |
||
| − | router ospf 1 |
||
| − | router-id 192.168.32.103 |
||
| − | redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF |
||
| − | passive-interface default |
||
| − | no passive-interface GigabitEthernet0/0/0.806 |
||
| − | network 10.80.6.0 0.0.0.255 area 0 |
||
| − | ! |
||
| − | |||
| − | no ip http server |
||
| − | no ip http secure-server |
||
| − | ip tftp source-interface GigabitEthernet0 |
||
| − | ip ssh version 2 |
||
| − | ip ssh pubkey-chain |
||
| − | username sirmax |
||
| − | key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E |
||
| − | ! |
||
| − | ! |
||
| − | ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32 |
||
| − | logging host 192.168.22.221 |
||
| − | ! |
||
| − | route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10 |
||
| − | match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK |
||
| − | ! |
||
| − | |||
| − | <PRE> |
||
| − | line vty 0 4 |
||
| − | exec-timeout 0 0 |
||
| − | authorization exec LOCAL-AUTHORIZATION |
||
| − | transport input telnet ssh |
||
| − | line vty 5 97 |
||
| − | exec-timeout 0 0 |
||
| − | authorization exec LOCAL-AUTHORIZATION |
||
| − | transport input telnet ssh |
||
| − | </PRE> |
||
| − | <PRE> |
||
| − | ntp logging |
||
| − | ntp source GigabitEthernet0 |
||
| − | ntp server vrf Mgmt-intf 192.168.32.2 |
||
| − | </PRE> |
||
| − | }} |
||
| − | |||
| − | ==111== |
||
| − | interface Loopback0 |
||
| − | ip address 192.168.32.103 255.255.255.255 |
||
| − | ! |
||
| − | interface GigabitEthernet0/0/0 |
||
| − | description Cisco 4948e Gi1/47 |
||
| − | no ip address |
||
| − | negotiation auto |
||
| − | ! |
||
| − | interface GigabitEthernet0/0/0.806 |
||
| − | description TENANT |
||
| − | encapsulation dot1Q 806 |
||
| − | ip address 10.80.6.251 255.255.255.0 |
||
| − | ! |
||
| − | |||
| − | =Базовая настройка роутера= |
||
| − | Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить |
||
| − | |||
| − | ==Сервисы== |
||
| − | {{#spoiler:show= 111111| |
||
| − | <PRE> |
||
| − | service timestamps debug datetime msec localtime show-timezone year |
||
| − | service timestamps log datetime msec localtime show-timezone year |
||
| − | service password-encryption |
||
| − | service unsupported-transceiver |
||
| − | no platform punt-keepalive disable-kernel-core |
||
| − | </PRE> |
||
| − | }}} |
||
<PRE> |
<PRE> |
||
hostname asr-tf |
hostname asr-tf |
||
Версия 18:13, 22 февраля 2025
FRR + ASR1001
Это статья продолжение настройки FRR но теперь к этой схеме я попробую добавить железку ASR1001X
Базовая настройка роутера
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
Сервисы
service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption service unsupported-transceiver no platform punt-keepalive disable-kernel-core
hostname asr-tf
boot-start-marker boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin boot-end-marker
aaa new-model aaa authentication login LOCAL-AUTH local-case aaa authorization console aaa authorization exec LOCAL-AUTHORIZATION local
ip name-server 192.168.32.1 ip domain name lab
license boot level adventerprise
redundancy mode none
! interface GigabitEthernet0/1/4
no ip address shutdown negotiation auto
! interface GigabitEthernet0
vrf forwarding Mgmt-intf ip address dhcp negotiation auto
! router ospf 1
router-id 192.168.32.103 redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF passive-interface default no passive-interface GigabitEthernet0/0/0.806 network 10.80.6.0 0.0.0.255 area 0
!
no ip http server no ip http secure-server ip tftp source-interface GigabitEthernet0 ip ssh version 2 ip ssh pubkey-chain
username sirmax key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
! ! ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32 logging host 192.168.22.221 ! route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
!
line vty 0 4 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh line vty 5 97 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh
ntp logging ntp source GigabitEthernet0 ntp server vrf Mgmt-intf 192.168.32.2
111
interface Loopback0
ip address 192.168.32.103 255.255.255.255
! interface GigabitEthernet0/0/0
description Cisco 4948e Gi1/47 no ip address negotiation auto
! interface GigabitEthernet0/0/0.806
description TENANT encapsulation dot1Q 806 ip address 10.80.6.251 255.255.255.0
!
Базовая настройка роутера
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
Сервисы
service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption service unsupported-transceiver no platform punt-keepalive disable-kernel-core
hostname asr-tf
boot-start-marker boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin boot-end-marker
aaa new-model aaa authentication login LOCAL-AUTH local-case aaa authorization console aaa authorization exec LOCAL-AUTHORIZATION local
ip name-server 192.168.32.1 ip domain name lab
license boot level adventerprise
redundancy mode none
! interface GigabitEthernet0/1/4
no ip address shutdown negotiation auto
! interface GigabitEthernet0
vrf forwarding Mgmt-intf ip address dhcp negotiation auto
! router ospf 1
router-id 192.168.32.103 redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF passive-interface default no passive-interface GigabitEthernet0/0/0.806 network 10.80.6.0 0.0.0.255 area 0
!
no ip http server no ip http secure-server ip tftp source-interface GigabitEthernet0 ip ssh version 2 ip ssh pubkey-chain
username sirmax key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
! ! ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32 logging host 192.168.22.221 ! route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
!
line vty 0 4 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh line vty 5 97 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh
ntp logging ntp source GigabitEthernet0 ntp server vrf Mgmt-intf 192.168.32.2
}}
111
interface Loopback0
ip address 192.168.32.103 255.255.255.255
! interface GigabitEthernet0/0/0
description Cisco 4948e Gi1/47 no ip address negotiation auto
! interface GigabitEthernet0/0/0.806
description TENANT encapsulation dot1Q 806 ip address 10.80.6.251 255.255.255.0
!
Базовая настройка роутера
Эта секция описывает абсолютно базовую настройку, но добавлена для того что бы схему было проще воспроизводить
Сервисы
service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption service unsupported-transceiver no platform punt-keepalive disable-kernel-core
}}
hostname asr-tf
boot-start-marker boot system bootflash:asr1001-universalk9.03.16.10.S.155-3.S10-ext.bin boot-end-marker
aaa new-model aaa authentication login LOCAL-AUTH local-case aaa authorization console aaa authorization exec LOCAL-AUTHORIZATION local
ip name-server 192.168.32.1 ip domain name lab
license boot level adventerprise
redundancy mode none
! interface GigabitEthernet0/1/4
no ip address shutdown negotiation auto
! interface GigabitEthernet0
vrf forwarding Mgmt-intf ip address dhcp negotiation auto
! router ospf 1
router-id 192.168.32.103 redistribute connected subnets route-map REDISTRIBUTE-CONNECTED-TO-OSPF passive-interface default no passive-interface GigabitEthernet0/0/0.806 network 10.80.6.0 0.0.0.255 area 0
!
no ip http server no ip http secure-server ip tftp source-interface GigabitEthernet0 ip ssh version 2 ip ssh pubkey-chain
username sirmax key-hash ssh-rsa 9F5937F6C8B84AB1F382B9A5CF3D955E
! ! ip prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK seq 10 permit 192.168.32.0/24 ge 32 logging host 192.168.22.221 ! route-map REDISTRIBUTE-CONNECTED-TO-OSPF permit 10
match ip address prefix-list REDISTRIBUTE-CONNECTED-TO-OSPF-LOOPBACK-BLOCK
!
line vty 0 4 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh line vty 5 97 exec-timeout 0 0 authorization exec LOCAL-AUTHORIZATION transport input telnet ssh
ntp logging ntp source GigabitEthernet0 ntp server vrf Mgmt-intf 192.168.32.2
}}
111
interface Loopback0
ip address 192.168.32.103 255.255.255.255
! interface GigabitEthernet0/0/0
description Cisco 4948e Gi1/47 no ip address negotiation auto
! interface GigabitEthernet0/0/0.806
description TENANT encapsulation dot1Q 806 ip address 10.80.6.251 255.255.255.0
!
